Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2019-11677

The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection.

  • Published: May 2, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-11677
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
zohocorp / manageengine_firewall_analyzer 7.2-7021 7.2-7021.x
zohocorp / manageengine_firewall_analyzer 7.2-7020 7.2-7020.x
zohocorp / manageengine_firewall_analyzer 7.4-7400 7.4-7400.x
zohocorp / manageengine_firewall_analyzer 8.0-8000 8.0-8000.x
zohocorp / manageengine_firewall_analyzer 7.6-7600 7.6-7600.x
zohocorp / manageengine_firewall_analyzer 8.1-8110 8.1-8110.x
zohocorp / manageengine_firewall_analyzer 8.3-8300 8.3-8300.x
zohocorp / manageengine_firewall_analyzer 8.5-8500 8.5-8500.x
zohocorp / manageengine_firewall_analyzer 12.0-12000 12.0-12000.x
zohocorp / manageengine_firewall_analyzer 12.2-12200 12.2-12200.x
zohocorp / manageengine_firewall_analyzer 12.3-123223 12.3-123223.x
zohocorp / manageengine_firewall_analyzer 12.3-123222 12.3-123222.x
zohocorp / manageengine_firewall_analyzer 12.3-123218 12.3-123218.x
zohocorp / manageengine_firewall_analyzer 12.3-123208 12.3-123208.x
zohocorp / manageengine_firewall_analyzer 12.3-123197 12.3-123197.x
zohocorp / manageengine_firewall_analyzer 12.3-123194 12.3-123194.x
zohocorp / manageengine_firewall_analyzer 12.3-123186 12.3-123186.x
zohocorp / manageengine_firewall_analyzer 12.3-123185 12.3-123185.x
zohocorp / manageengine_firewall_analyzer 12.3-123182 12.3-123182.x
zohocorp / manageengine_firewall_analyzer 12.3-123177 12.3-123177.x
zohocorp / manageengine_firewall_analyzer 12.3-123169 12.3-123169.x
zohocorp / manageengine_firewall_analyzer 12.3-123164 12.3-123164.x
zohocorp / manageengine_firewall_analyzer 12.3-123156 12.3-123156.x
zohocorp / manageengine_firewall_analyzer 12.3-123151 12.3-123151.x
zohocorp / manageengine_firewall_analyzer 12.3-123137 12.3-123137.x
zohocorp / manageengine_firewall_analyzer 12.3-123129 12.3-123129.x
zohocorp / manageengine_firewall_analyzer 12.3-123126 12.3-123126.x
zohocorp / manageengine_firewall_analyzer 12.3-123092 12.3-123092.x
zohocorp / manageengine_firewall_analyzer 12.3-123083 12.3-123083.x
zohocorp / manageengine_firewall_analyzer 12.3-123070 12.3-123070.x
zohocorp / manageengine_firewall_analyzer 12.3-123064 12.3-123064.x
zohocorp / manageengine_firewall_analyzer 12.3-123057 12.3-123057.x
zohocorp / manageengine_firewall_analyzer 12.3-123045 12.3-123045.x
zohocorp / manageengine_firewall_analyzer 12.3-123027 12.3-123027.x
zohocorp / manageengine_firewall_analyzer 12.3-123008 12.3-123008.x
zohocorp / manageengine_firewall_analyzer 12.3-12300 12.3-12300.x